Page 8 of 63 results (0.015 seconds)

CVSS: 2.6EPSS: 0%CPEs: 62EXPL: 0

Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks. • http://www.mozilla.org/security/announce/mfsa2005-03.html http://www.redhat.com/support/errata/RHSA-2005-335.html http://www.redhat.com/support/errata/RHSA-2005-384.html http://www.securityfocus.com/bid/12407 https://bugzilla.mozilla.org/show_bug.cgi?id=257308 https://exchange.xforce.ibmcloud.com/vulnerabilities/19166 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100055 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef •

CVSS: 2.6EPSS: 0%CPEs: 10EXPL: 0

Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks. • http://www.mozilla.org/security/announce/mfsa2005-04.html http://www.redhat.com/support/errata/RHSA-2005-323.html http://www.redhat.com/support/errata/RHSA-2005-335.html http://www.securityfocus.com/bid/12407 https://bugzilla.mozilla.org/show_bug.cgi?id=262689 https://exchange.xforce.ibmcloud.com/vulnerabilities/19169 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100054 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef •

CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0

Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to obtain sensitive data from the clipboard via Javascript that generates a middle-click event on systems for which a middle-click performs a paste operation. • http://www.mozilla.org/security/announce/mfsa2005-08.html http://www.redhat.com/support/errata/RHSA-2005-335.html http://www.redhat.com/support/errata/RHSA-2005-384.html http://www.securityfocus.com/bid/12407 https://bugzilla.mozilla.org/show_bug.cgi?id=265728 https://exchange.xforce.ibmcloud.com/vulnerabilities/19171 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10362 https://access.redhat.com/security/cve/CVE-2005-0146 https://bugzilla.redhat •

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0

Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials. • http://www.mozilla.org/security/announce/mfsa2005-09.html http://www.redhat.com/support/errata/RHSA-2005-323.html http://www.securityfocus.com/bid/12407 https://bugzilla.mozilla.org/show_bug.cgi?id=267263 https://exchange.xforce.ibmcloud.com/vulnerabilities/19174 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100049 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9578 •

CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0

Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers to bypass the user's intended privacy and security policy by using cookies in e-mail messages. • http://secunia.com/advisories/19823 http://www.mozilla.org/security/announce/mfsa2005-11.html http://www.novell.com/linux/security/advisories/2006_04_25.html http://www.redhat.com/support/errata/RHSA-2005-094.html http://www.redhat.com/support/errata/RHSA-2005-323.html http://www.redhat.com/support/errata/RHSA-2005-335.html http://www.securityfocus.com/bid/12407 https://bugzilla.mozilla.org/show_bug.cgi?id=268107 https://exchange.xforce.ibmcloud.com/vulnerabilities/19172 htt •